/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package control.servlet;

import control.Connection;
import control.UserDAO;
import java.io.IOException;
import java.sql.SQLException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import model.User;
import utils.Security;

/**
 *
 * @author fred
 */
public class Login extends HttpServlet {

    /** 
     * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/html;charset=UTF-8");
        
        // Retreives http session
        HttpSession session = request.getSession();
        // Ensures that is no user logged in
        session.setAttribute("user", null);
        
        // Get login parameters
        String userLogin = request.getParameter("login");
        String password = request.getParameter("password");
        
        try {
            Connection con = new Connection();
            UserDAO userDAO = new UserDAO(con);
            
            // Get user by login
            User user = userDAO.getUser(userLogin);
            // Check if that is a user with this login
            if (user != null) {
                // Check user password
                if (user.getPassword().equals(Security.hashString(password))) {
                    // Add user to session
                    session.setAttribute("user", user);
                }
                else {
                    session.setAttribute("message", "Invalid user or password");
                }
            }
            else {
                session.setAttribute("message", "Invalid user or password");
            }
        } catch (ClassNotFoundException ex) {
            session.setAttribute("message", "Problem accessing the database "
                    + "with following message: " + ex.getMessage());
        } catch (SQLException ex) {
            session.setAttribute("message", "Problem accessing the database "
                    + "with following message: " + ex.getMessage());
        } finally {
            // returns to index page
            response.sendRedirect("index.jsp");
        }
    }

    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
    /** 
     * Handles the HTTP <code>GET</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /** 
     * Handles the HTTP <code>POST</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /** 
     * Returns a short description of the servlet.
     * @return a String containing servlet description
     */
    @Override
    public String getServletInfo() {
        return "Short description";
    }// </editor-fold>
}
